Click here to close now.




















Welcome!

Real-World SOA Book: Blog Post

API Management Invasion: SOA At the Gates

API Management Best Practices are being used for Internal API Management

One of the most surprising moments of my talk at QCon San Francisco last week was when I asked the audience who is ‘doing’ service oriented architecture inside their Enterprise.

API Management Best Practices are being used for Internal API Management

API Management Best Practices are being used for Internal API Management

Everyone raised their hand, or nearly everyone. There was no hesitation. The question was clear and the response was swift. Attendees didn’t look around to see if they were the only one riding this ‘dead’ trend. Instinct took over and hands shot up all around. The same question last year at the same conference yielded a positive response from less than half the respondents. Sure, this experiment is anecdotal with a mere slice of the relevant respondents and absolutely no control group, but I think it validates Gartner’s plateau of productivity for services. Productive yes, but maximally productive – no. For internal services to be realized more fully, SOA needs API management.

API Sharing – What’s That?
I talked to attendee after attendee, all with a similar story. The story was how their Enterprise decomposed their assets into programmable services using SOA and hosted their services on vendor platforms (IBM,Tibco, Microsoft) and/or open source. An informal survey yielded most developers using Spring, Jersey or Ruby on Rails as popular ways to host internal services. While services were plentiful, there was simply no single pane of glass, or single source of the truth for internal developers to go to discover and make use of disparate services.

APIs, which in one sense are the closest thing to any developer’s heart, were also the most elusive. For the day to day practitioner, the developer, there is still a significant mental gap between SOAP web services and “APIs.” Many attendees hadn’t heard of solutions for internal SOA governance of the registry/repository ilk and the distance between SOAP and API management seems like light-years. Public and open API programs didn’t seem to “apply” to the quandary of the day to day developer.

Even when valuable functionality is implemented, I heard horror stories of services being implemented twice or three times over in different parts of the Enterprise simply because developers didn’t know that this functionality already existed and had no good way to reuse the components. A service hiding behind a WSDL on Microsoft .NET with zero discoverability is like an invisibility cloak on your SOA. The functionality is there, but almost impossible to use unless you are the original developer or  an asetic monk that regularly engages in <wsdl:definitions> tag torture.

It’s time for an API Management invasion. API management has optimized the process for developer on-boarding and fast time to market for services.  Developer portals shine in solving this problem. Why? Because they’ve been battle-tested on the open Internet, with hundreds or thousands of “zero-trust” developers. The model is there, it just needs a way to invade the Enterprise. If you are like any of the attendees I talked to last week and already have a SOA that isn’t delivering value, consider how you might apply best practices such as an internal developer portal, fast on-boarding processes, interactive documentation, analytics and other best practices from the open API movement to evangelize and share your components from within. Invade your SOA with API Management.

API Management Enables Internal APIs

Expressway helps Enterprises power internal and hybrid APIs

The post API Management Invasion: SOA At the Gates appeared first on Application Security.

Read the original blog entry...

More Stories By Blake Dournaee

Blake Dournaee is currently the product manager responsible for Intel SOA products. As a product manager at Sarvega, he was deeply involved in the development of their flagship XML security, routing and acceleration appliance products. He was a specialist in applied cryptography applications at RSA Security and was a frequent speaker at many RSA conferences throughout the US and Europe. Dournaee is an established author who wrote the first book on XML Security and co-authored SOA Demystified from Intel press.

Latest Stories
SYS-CON Events announced today that Micron Technology, Inc., a global leader in advanced semiconductor systems, will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Micron’s broad portfolio of high-performance memory technologies – including DRAM, NAND and NOR Flash – is the basis for solid state drives, modules, multichip packages and other system solutions. Backed by more than 35 years of tech...
This Enterprise Strategy Group lab validation report of the NEC Express5800/R320 server with Intel® Xeon® processor presents the benefits of 99.999% uptime NEC fault-tolerant servers that lower overall virtualized server total cost of ownership. This report also includes survey data on the significant costs associated with system outages impacting enterprise and web applications. Click Here to Download Report Now!
SYS-CON Events announced today that Pythian, a global IT services company specializing in helping companies leverage disruptive technologies to optimize revenue-generating systems, has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Founded in 1997, Pythian is a global IT services company that helps companies compete by adopting disruptive technologies such as cloud, Big Data, advance...
SYS-CON Events announced today the Containers & Microservices Bootcamp, being held November 3-4, 2015, in conjunction with 17th Cloud Expo, @ThingsExpo, and @DevOpsSummit at the Santa Clara Convention Center in Santa Clara, CA. This is your chance to get started with the latest technology in the industry. Combined with real-world scenarios and use cases, the Containers and Microservices Bootcamp, led by Janakiram MSV, a Microsoft Regional Director, will include presentations as well as hands-on...
Cloud and datacenter migration innovator AppZero has joined the Microsoft Enterprise Cloud Alliance Program. AppZero is a fast, flexible way to move Windows Server applications from any source machine – physical or virtual – to any destination server, in any cloud or datacenter, using its patented container technology. AppZero’s container is also called a Virtual Application Appliance (VAA). To facilitate Microsoft Azure onboarding, AppZero has two purpose-built offerings: AppZero SP for Azure,...
Organizations from small to large are increasingly adopting cloud solutions to deliver essential business services at a much lower cost. According to cyber security experts, the frequency and severity of cyber-attacks are on the rise, causing alarm to businesses and customers across a variety of industries. To defend against exploits like these, a company must adopt a comprehensive security defense strategy that is designed for their business. In 2015, organizations such as United Airlines, Sony...
SYS-CON Events announced today that HPM Networks will exhibit at the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. For 20 years, HPM Networks has been integrating technology solutions that solve complex business challenges. HPM Networks has designed solutions for both SMB and enterprise customers throughout the San Francisco Bay Area.
Consumer IoT applications provide data about the user that just doesn’t exist in traditional PC or mobile web applications. This rich data, or “context,” enables the highly personalized consumer experiences that characterize many consumer IoT apps. This same data is also providing brands with unprecedented insight into how their connected products are being used, while, at the same time, powering highly targeted engagement and marketing opportunities. In his session at @ThingsExpo, Nathan Trel...
Red Hat is investing in Tesora, the number one contributor to OpenStack Trove Database as a Service (DBaaS) also ranked among the top 20 companies contributing to OpenStack overall. Tesora, the company bringing OpenStack Trove Database as a Service (DBaaS) to the enterprise, has announced that Red Hat and others have invested in the company as a part of Tesora's latest funding round. The funding agreement expands on the ongoing collaboration between Tesora and Red Hat, which dates back to Febr...
IBM’s Blue Box Cloud, powered by OpenStack, is now available in any of IBM’s globally integrated cloud data centers running SoftLayer infrastructure. Less than 90 days after its acquisition of Blue Box, IBM has integrated its Blue Box Cloud Dedicated private-cloud-as-a-service into its broader portfolio of OpenStack® based solutions. The announcement, made today at the OpenStack Silicon Valley event, further highlights IBM’s continued support to deliver OpenStack solutions across all cloud depl...
Everyone talks about continuous integration and continuous delivery but those are just two ends of the pipeline. In the middle of DevOps is continuous testing (CT), and many organizations are struggling to implement continuous testing effectively. After all, without continuous testing there is no delivery. And Lab-As-A-Service (LaaS) enhances the CT with dynamic on-demand self-serve test topologies. CT together with LAAS make a powerful combination that perfectly serves complex software developm...
Through WebRTC, audio and video communications are being embedded more easily than ever into applications, helping carriers, enterprises and independent software vendors deliver greater functionality to their end users. With today’s business world increasingly focused on outcomes, users’ growing calls for ease of use, and businesses craving smarter, tighter integration, what’s the next step in delivering a richer, more immersive experience? That richer, more fully integrated experience comes ab...
With the proliferation of connected devices underpinning new Internet of Things systems, Brandon Schulz, Director of Luxoft IoT – Retail, will be looking at the transformation of the retail customer experience in brick and mortar stores in his session at @ThingsExpo. Questions he will address include: Will beacons drop to the wayside like QR codes, or be a proximity-based profit driver? How will the customer experience change in stores of all types when everything can be instrumented and a...
Culture is the most important ingredient of DevOps. The challenge for most organizations is defining and communicating a vision of beneficial DevOps culture for their organizations, and then facilitating the changes needed to achieve that. Often this comes down to an ability to provide true leadership. As a CIO, are your direct reports IT managers or are they IT leaders? The hard truth is that many IT managers have risen through the ranks based on their technical skills, not their leadership ab...
WSM International, the pioneer and leader in server migration services, has announced an agreement with WHOA.com, a leader in providing secure public, private and hybrid cloud computing services. Under terms of the agreement, WSM will provide migration services to WHOA.com customers to relocate some or all of their applications, digital assets, and other computing workloads to WHOA.com enterprise-class, secure cloud infrastructure. The migration services include detailed evaluation and planning...